| ▲ | arccy 3 hours ago |
| if you make it easy to be lazy and panic vs properly handling the error, you've designed a poor language |
|
| ▲ | nine_k 2 hours ago | parent | next [-] |
| At Facebook they name certain "escape hatch" functions in a way that inescapably make them look like a GIANT EYESORE. Stuff like DANGEROUSLY_CAST_THIS_TO_THAT, or INVOKE_SUPER_EXPENSIVE_ACTION_SEE_YOU_ON_CODE_REVIEW. This really drives home the point that such things must not be used except in rare extraordinary cases. If unwrap() were named UNWRAP_OR_PANIC(), it would be used much less glibly. Even more, I wish there existed a super strict mode when all places that can panic are treated as compile-time errors, except those specifically wrapped in some may_panic_intentionally!() or similar. |
| |
| ▲ | adzm 2 hours ago | parent | next [-] | | > make them look like a GIANT EYESORE React.__SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED comes to mind. I did have to reach to this before, but it certainly works for keeping this out of example code and other things like reading other implementations without the danger being very apparent. At some point it was renamed to __CLIENT_INTERNALS_DO_NOT_USE_OR_WARN_USERS_THEY_CANNOT_UPGRADE which is much less fun. | | | |
| ▲ | Nathanba 2 hours ago | parent | prev [-] | | right and if the language designers named it UNWRAP_OR_PANIC() then people would rightfully be asking why on earth we can't just use a try-catch around code and have an easier life | | |
| ▲ | nine_k 2 hours ago | parent | next [-] | | But a panic can be caught and handled safely (e.g. via std:: panic tools). I'd say that this is the correct use case for exceptions (ask Martin Fowler, of all people). There is already a try/catch around that code, which produces the Result type, which you can presumptuously .unwrap() without checking if it contains an error. Instead, one should use the question mark operator, that immediately returns the error from the current function if a Result is an error. This is exactly similar to rethrowing an exception, but only requires typing one character, the "?". | |
| ▲ | yoyohello13 2 hours ago | parent | prev | next [-] | | Probably not, since errors as values are way better than exceptions. | | |
| ▲ | nomel 2 hours ago | parent [-] | | How so? An exception is a value that's given the closest, conceptually appropriate, point that was decided to handle the value, allowing you to keep your "happy path" as clean code, and your "exceptional circumstances" path at the level of abstraction that makes sense. It's way less book-keeping with exceptions, since you, intentionally, don't have to write code for that exceptional behavior, except where it makes sense to. The return by value method, necessarily, implements the same behavior, where handling is bubbled up to the conceptually appropriate place, through returns, but with much more typing involved. Care is required for either, since not properly bubbling up an exception can happen in either case (no re-raise for exceptions, no return after handling for return). | | |
| ▲ | yoyohello13 2 hours ago | parent | next [-] | | There are many many pages of text discussing this topic, but having programmed in both styles, exceptions make it too easy for programmer to simply ignore them. Errors as values force you to explicitly handle it there, or toss it up the stack. Maybe some other languages have better exception handling but in Python it’s god awful. In big projects you can basically never know when or how something can fail. | | |
| ▲ | nomel an hour ago | parent [-] | | I would claim the opposite. If you don't catch an exception, you'll get a halt. With return values, you can trivially ignore an exception. let _ = fs::remove_file("file_doesn't_exist");
or
value, error = some_function()
// carry on without doing anything with error
In the wild, I've seen far more ignoring return errors, because of the mechanical burden of having type handling at every function call.This is backed by decades of writing libraries. I've tried to implement libraries without exceptions, and was my admittedly cargo-cult preference long ago, but ignoring errors was so prevalent among the users of all the libraries that I now always include a "raise" type boolean that defaults to True for any exception that returns an error value, to force exceptions, and their handling, as default behavior. > In big projects you can basically never know when or how something can fail. How is this fundamentally different than return value? Looking at a high level function, you can't know how it will fail, you just know it did fail, from the error being bubbled up through the returns. The only difference is the mechanism for bubbling up the error. Maybe some water is required for this flame war. ;) | | |
| |
| ▲ | pyrolistical 2 hours ago | parent | prev [-] | | Exception is hidden control flow, where as error values are not. That is the main reason why zig doesn’t have exceptions. | | |
| ▲ | nomel 2 hours ago | parent [-] | | I'd categorize them more as "event handlers" than "hidden". You can't know where the execution will go at a lower level, but that's the entire point: you don't care. You put the handlers at the points where you care. |
|
|
| |
| ▲ | sfink 2 hours ago | parent | prev [-] | | ...and you can? try-catch is usually less ergonomic than the various ways you can inspect a Result. try {
data = some_sketchy_function();
} catch (e) {
handle the error;
}
vs result = some_sketchy_function();
if let Err(e) = result {
handle the error;
}
Or better yet, compare the problematic cases where the error isn't handled: data = some_sketchy_function();
vs data = some_sketchy_function().UNWRAP_OR_PANIC();
In the former (the try-catch version that doesn't try or catch), the lack of handling is silent. It might be fine! You might just depend on your caller using `try`. In the latter, the compiler forces you to use UNWRAP_OR_PANIC (or, in reality, just unwrap) or `data` won't be the expected type and you will quickly get a compile failure.What I suspect you mean, because it's a better argument, is: try {
sketchy_function1();
sketchy_function2();
sketchy_function3();
sketchy_function4();
} catch (e) {
...
}
which is fair, although how often is it really the right thing to let all the errors from 4 independent sources flow together and then get picked apart after the fact by inspecting `e`? It's an easier life, but it's also one where subtle problems constantly creep in without the compiler having any visibility into them at all. |
|
|
|
| ▲ | SchwKatze 3 hours ago | parent | prev | next [-] |
| Unwrap isn't a synonym for laziness, it's just like an assertion, when you do unwrap() you're saying the Result should NEVER fail, and if does, it should abort the whole process. What was wrong was the developer assumption, not the use of unwrap. |
| |
| ▲ | SchemaLoad 2 hours ago | parent | next [-] | | It also makes it very obvious in the code, something very dangerous is happening here. As a code reviewer you should see an unwrap() and have alarm bells going off. While in other languages, critical errors are a lot more hidden. | | |
| ▲ | kloop 2 hours ago | parent [-] | | I hate that it's a method. That can get lost in a method chain easily enough during a code review. A function or a keyword would interrupt that and make it less tempting | | |
| ▲ | pdimitar an hour ago | parent [-] | | Well, you can request Clippy to tell you about them. I do that in my hobby projects. |
|
| |
| ▲ | dietr1ch 2 hours ago | parent | prev | next [-] | | > What was wrong was the developer assumption, not the use of unwrap. How many times can you truly prove that an `unwrap()` is correct and that you also need that performance edge? Ignoring the performance aspect that often comes from a hat-trick, to prove such a thing you need to be wary of the inner workings of a call giving you a `Return`. That knowledge is only valid at the time of writing your `unwrap()`, but won't necessarily hold later. Also, aren't you implicitly forcing whoever changes the function to check for every smartass dev that decided to `unwrap` at their callsite? That's bonkers. | | |
| ▲ | JuniperMesos 2 hours ago | parent | next [-] | | I doubt that this unwrap was added for performance reasons; I suspect it was rather added because the developer temporarily didn't want to deal with what they thought was an unlikely error case while they were working on something else; and no other system recognized that the unwrap was left in and flagged it before it was deployed on production servers. If I were Cloudflare I would immediately audit the codebase for all uses of unwrap (or similar rust panic idioms like expect), ensure that they are either removed or clearly documented as to why it's worth crashing the program there, and then add a linter to their CI system that will fire if anyone tries to check in a new commit with unwrap in it. | |
| ▲ | duped an hour ago | parent | prev [-] | | Panics are for unexpected error conditions, like your caller passed you garbage. Results are for expected errors, like your caller passed you something but it's your job to tell if it's garbage. So the point of unwrap() is not to prove anything. Like an assertion it indicates a precondition of the function that the implementer cannot uphold. That's not to say unwrap() can't be used incorrectly. Just that it's a valid thing to do in your code. Note that none of this is about performance. |
| |
| ▲ | Rohansi 2 hours ago | parent | prev [-] | | > when you do unwrap() you're saying the Result should NEVER fail Returning a Result by definition means the method can fail. | | |
| ▲ | Buttons840 42 minutes ago | parent | next [-] | | Division can fail, but I can write a program where I'm sure division will not fail. | |
| ▲ | SchwKatze 2 hours ago | parent | prev | next [-] | | Yeah, I think I expressed wrongly here. A more correct version would be: "when you do unwrap() you're saying that an error on this particular path shouldn't be recoverable and we should fail-safe." | |
| ▲ | Dylan16807 2 hours ago | parent | prev [-] | | > Returning a Result by definition means the method can fail. No more than returning an int by definition means the method can return -2. | | |
| ▲ | yoyohello13 2 hours ago | parent [-] | | What? Results have a limited number of possible error states that are well defined. | | |
| ▲ | Dylan16807 2 hours ago | parent [-] | | Some call points to a function that returns a Result will never return an Error. Some call points to a function that returns an int will never return -2. Sometimes you know things the type system does not know. | | |
| ▲ | Rohansi 2 hours ago | parent [-] | | The difference is functions which return Result have explicitly chosen to return a Result because they can fail. Sure, it might not fail in the current implementation and/or configuration, but that could change later and you might not know until it causes problems. The type system is there to help you - why ignore it? | | |
| ▲ | Dylan16807 2 hours ago | parent [-] | | Because it would be a huge hassle to go into that library and write an alternate version that doesn't return a Result. So you're stuck with the type system being wrong in some way. You can add error-handling code upfront but it will be dead code at that point in time, which is also not good. |
|
|
|
|
|
|
|
| ▲ | JuniperMesos 2 hours ago | parent | prev | next [-] |
| It's a little subtler than this. You want it to be easy to not handle an error while developing, so you can focus on getting the core logic correct before error-handling; but you want it to be hard to deploy or release the software without fully handling these checks. Some kind of debug vs release mode with different lints seems like a reasonable approach. |
|
| ▲ | yoyohello13 3 hours ago | parent | prev | next [-] |
| So… basically every language ever? Except maybe Haskell. |
| |
|
| ▲ | leshenka 2 hours ago | parent | prev | next [-] |
| All languages with few exceptions have these kinds of escape hatches like unwrap |
|
| ▲ | otterley 3 hours ago | parent | prev [-] |
| https://en.wikipedia.org/wiki/Crash-only_software |
| |
| ▲ | nine_k 3 hours ago | parent [-] | | Works when you have the Erlang system that does graceful handing for you: reporting, restarting. |
|
